nikdoof/simple-webfinger
1
0
Fork 0
mirror of https://github.com/nikdoof/simple-webfinger.git synced 2025-12-13 10:22:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Return Error 400 on invalid requests

Browse Source
This commit is contained in:
Andrew Williams
2024-08-16 10:03:34 +01:00
parent 479dcd8a52
commit 5862b259d1
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
simple_webfinger/app.py
View File

@@ -46,13 +46,21 @@ def filter_links(links, rel):
@app.route("/.well-known/webfinger") @app.route("/.well-known/webfinger")
def webfinger(): def webfinger():
resource = request.args.get('resource') resource = request.args.get('resource')
# No resource requested, so return a HTTP 400
if not resource:
abort(400)
account, domain = urlparse(resource).path.split('@') account, domain = urlparse(resource).path.split('@')
# If the request is not for the correct domain, or for an account that doesn't exist, return 404
if domain != data['domain'] or account not in data['accounts']: if domain != data['domain'] or account not in data['accounts']:
abort(404) abort(404)
links = get_account_links(account) links = get_account_links(account)
# If we have a 'rel' value on the request, filter down to the requested rel
# https://datatracker.ietf.org/doc/html/rfc7033#section-4.3
rel = request.args.get('rel') rel = request.args.get('rel')
if rel: if rel:
links = filter_links(links, rel) links = filter_links(links, rel)